Cisco Cisco Packet Data Interworking Function (PDIF) Prospecto
Crypto Templates
▀ Verifying a Crypto Template Configuration
▄ Cisco StarOS IP Security (IPSec) Reference
82
Verifying a Crypto Template Configuration
Enter the following Exec mode command for the appropriate context to display and verify your crypto template:
show crypto template tag map_name
This command outputs configuration information for the specified template.
The following is a sample output for a crypto template named wsg-01.
Map Name: wsg01
=========================================
Map Status: Complete
Crypto Map Type: IPSEC IKEv2 Template
IKE SA Transform 1/1
Transform Set: ikesa-wsg-01
Encryption Cipher: aes-chc-128
Pseudo Random Function: sha1
Hashed Message Authentication Code: sha1-96
Diffie-Hellman Group: 2
IKE SA Rekey: Disabled
Blacklist/Whitelist : None
OCSP Status: : Disabled
OCSP Nounce Status : Enabled
NAI: 92.99.99.30
Remote-secret-list: <not configured>
Authetication Local:
Phase 1 - Pre-Shared Key (Size = 3)
Self-certificate Validation: Diabled
IPSec SA Payload 1/1 (Generic)
Name : wsg-sa0
Payload Local
Protocol 255 Port 0-0 Address Range 76.67.0.1-76.67.0.1
Payload Remote
Protocol 255 Port 0-0 Address Range 54.45.0.1-54.45.0.1
IPSec SA Transform 1/1
Transform Set: tselsa-wsg
Protocol: esp
Encryption Cipher: aes-cbc-128
=========================================
Map Status: Complete
Crypto Map Type: IPSEC IKEv2 Template
IKE SA Transform 1/1
Transform Set: ikesa-wsg-01
Encryption Cipher: aes-chc-128
Pseudo Random Function: sha1
Hashed Message Authentication Code: sha1-96
Diffie-Hellman Group: 2
IKE SA Rekey: Disabled
Blacklist/Whitelist : None
OCSP Status: : Disabled
OCSP Nounce Status : Enabled
NAI: 92.99.99.30
Remote-secret-list: <not configured>
Authetication Local:
Phase 1 - Pre-Shared Key (Size = 3)
Self-certificate Validation: Diabled
IPSec SA Payload 1/1 (Generic)
Name : wsg-sa0
Payload Local
Protocol 255 Port 0-0 Address Range 76.67.0.1-76.67.0.1
Payload Remote
Protocol 255 Port 0-0 Address Range 54.45.0.1-54.45.0.1
IPSec SA Transform 1/1
Transform Set: tselsa-wsg
Protocol: esp
Encryption Cipher: aes-cbc-128